Have Your Team Trained by Database Professionals: Practical Database Training Tailored to Your Needs  




ABOUT

API

Many businesses in 2025 alone received fines amounting to hundreds of millions of dollars because they had suffered data breaches. Now, with the General Data Protection Regulation (GDPR) in place, fines could be even higher.

Our API can help you to not fall victim to hacker attacks. Everyone can use the API - it can be used to incorporate our search engine into any information system.

All users of the API should only use the service to improve the security of their service or product offerings, secure their API credentials, ensure that any information obtained through the BreachDirectory API or any other services is secured from unauthorized access, and follow all of the applicable laws pertaining to their jurisdiction.

If a record exists in our database, we will return a JSON “200 OK” response, which will look like so:

[
    {
        "title": "Test Data Breach",
        "domain": "test.com",
        "email": "test@test.com",
        "username": "Username",
        "ip": "127.0.0.1"
    }
	]

HOW?

USAGE

After gaining access to the API, you can use it like so:

https://BreachDirectory.com/api_usage?
method=$Method&key=$Key&query=$Query

  • - $Method - Search method. Users can search by providing a domain (“domain”), email (“email”), username (“username”), IP address (“ip”), or perform a general search through various OSINT sources (dark web, pastes, etc.) - for that, specify “general” as the method.
  • - $Key - API Key acquired by purchasing access to the API.
  • - $Query - Search Query.

Example (general search through various OSINT sources - “general” is specified as the method):

https://BreachDirectory.com/api_usage?
method=general&key=262010b83c3ac0f10fe5c01f18542551&query=demo@demo.com

If you have bought access to the bulk API plan, you will also be able to provide the API with a text (.txt or .csv) file of accounts to search for. In that case, an additional parameter - “bulk_url” - is needed. In that case, the API should be used like so:

https://BreachDirectory.com/api_file?
api_method=$Method&api_key=$Key&bulk_url=$URL

  • - $URL - The URL towards the file that contains user accounts that you need to search through the API. Make sure the extension of the file is either .txt or .csv.

Those people that have access to the bulk version of the API can also provide user accounts via the UI accessible here.

* There is no need to specify the query when using the API in bulk - specifying a file is enough.

If you have access to the bulk API search method, you will also have access to the Wildcard and Regex search methods as well as a variety of search methods within the data breach search engine.

Those search methods include searches through pastes using the General method, due diligence on Blockchain addresses when the Blockchain method is in use, searches on Threat Actors and KEV/CVEs, etc. Checking a due diligence checkbox when searching for an IP address returns more information on the IP address and checking Check what dark web service this URL is related to allows you to provide a URL of a dark web service and dig further into it.

ERROR MESSAGES

ERRORS

If the search fails, the system will return error messages. Some of them are:

- A search method is required.

When a search method is not specified.

- An API key is required.

When an API key is not specified.

- You have exceeded the limit of queries allowed for your API key.

When the limit of queries allocated to the API has been exceeded.

- Invalid or expired API key.

When the API key in use is invalid or expired.

- A search query is required.

When a search query is not specified.

- false or an empty array ([])

When the search did not return any results.

- File size too big! Consider removing some accounts from the file. We suggest searching for up to 100 accounts at once.

When the file you're using the bulk API with is too big. This is done to prevent malicious use, spam and possible system overload.